By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Store AWS data before closing account

0

Hello, I'm planning to close an AWS account by I want to store all the data related to it (EC2 instances, eks cluster details, s3 buckets, IAM config, etc.), what's the best way to do that?

Topics
Cloud Financial Management
Tags
AWS Billing
Language
English
Mehdi
asked 4 months ago145 views
2 Answers
0

Hello.

As far as I know, there is no way to get all the configuration contents at once.
So, why not try getting the configuration information of the supported AWS resources one by one using "batch-get-resource-config" as shown below?
I think you can also create shell scripts by combining it with "list-discovered-resources" etc.
https://docs.aws.amazon.com/cli/latest/reference/configservice/batch-get-resource-config.html
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configservice/list-discovered-resources.html

aws configservice batch-get-resource-config --resource-keys resourceType="AWS::EC2::Instance",resourceId="i-yyyyyyyyyyy" --region ap-northeast-1

I think you will need to configure settings such as AWS Config, so please also check the document below.
https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html

Alternatively, there may be a way to obtain details using the "describe" command on the AWS CLI for each AWS resource.

profile picture
EXPERT
Riku_Kobayashi
answered 4 months ago
0

Are you maybe thinking of restoring it someday? Since you are asking this, I assume you haven't used infrastructure-as-code (Cloudformation, Terraform, CDK ...) approach on creating, but rather done it from console or cmd-line, because then restore or rather rebuild would be possible without taking that backup of configuration. There are also tools like Former2 that can generate IaC code from your AWS account. Just don't expect to be able to run it as-is when you decide to come back as things might have change. Simple example would be naming of S3 buckets. Namespace is global and when you delete your bucket called "my-first-s3-bucket", that name can be taken by someone else and you won't be able create it again. Also any kind of hard-coded references in accounts and resource IDs (e.g. in IAM policies) are going to be difficult to restore without rewriting.

I guess the short answer is "no", but there are ways to do this to certain extent. I would ask, have you thought just stopping active components that generate cost when idle and leaving everything else (including you data) in-place. If it is likely you will need this in months, this might be the best option. And if it turns out you don't, after awhile you might not need that backup anyways because some of it has become obsolite anyways.

https://aws.amazon.com/blogs/opensource/accelerate-infrastructure-as-code-development-with-open-source-former2/

profile picture
EXPERT
Kallu
answered 4 months ago
profile picture
EXPERT
Antonio_Lagrotteria
reviewed 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content